New refurbished notebook - check


#1 Post by rjesa »

Hello,

I bought a refurbished PC a short while ago. Since I am a suspicious person, I ran FRST on it to be safe. The log is attached below; thank you in advance for checking it and letting me know whether the PC is in order.

Have a nice evening,

Rjesa


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by Eduardo (administrator) on EDUARDO-PC (25-01-2019 19:05:33)
Running from C:\Users\Eduardo\Desktop
Loaded Profiles: Eduardo (Available Profiles: Eduardo)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [736552 2016-03-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2016-03-31] (IDT, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2018-03-15] (Intel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-25] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{1AC15BCE-10F9-4B1A-88D5-5BA532F7D033}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6E89FFD9-6D30-4A51-84B8-BC27BDB7A7C6}: [DhcpNameServer] 10.250.0.10

Internet Explorer:
==================

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-25] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Prezentace) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-25]
CHR Extension: (Dokumenty) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-25]
CHR Extension: (Disk Google) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-25]
CHR Extension: (YouTube) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-25]
CHR Extension: (Tabulky) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-25]
CHR Extension: (Gmail) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\Eduardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2016-03-31] (Alps Electric Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc.)
S3 dc21x4vm; C:\Windows\System32\DRIVERS\dc21x4vm.sys [57344 2009-06-10] (Microsoft Corp.)
S3 DellRbtn; C:\Windows\system32\drivers\DellRbtn.sys [19440 2016-03-31] (OSR Open Systems Resources, Inc.)
R3 kiox_ff_driver; C:\Windows\System32\DRIVERS\kiox_ff_driver.sys [32736 2015-01-07] (Kionix, Inc.)
R0 kxdiskprot; C:\Windows\System32\DRIVERS\kxdiskprot.sys [31176 2015-01-06] (Kionix, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2016-03-31] (Intel Corporation)
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjvstx64.sys [83688 2011-03-23] (O2Micro )
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [41712 2013-05-29] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated)
S3 ST_Accel; C:\Windows\System32\DRIVERS\ST_Accel.sys [137784 2016-03-31] (STMicroelectronics)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 19:05 - 2019-01-25 19:05 - 000006956 _____ C:\Users\Eduardo\Desktop\FRST.txt
2019-01-25 19:05 - 2019-01-25 19:05 - 000000000 ____D C:\FRST
2019-01-25 19:04 - 2019-01-25 19:04 - 002428416 _____ (Farbar) C:\Users\Eduardo\Desktop\FRST64.exe
2019-01-25 18:58 - 2019-01-25 18:58 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-25 18:58 - 2019-01-25 18:58 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-25 18:58 - 2019-01-25 18:58 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-25 18:58 - 2019-01-25 18:58 - 000002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-25 18:57 - 2019-01-25 18:58 - 000000000 ____D C:\Users\Eduardo\AppData\Local\Google
2019-01-25 18:57 - 2019-01-25 18:58 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-25 18:57 - 2019-01-25 18:57 - 000058016 _____ C:\Users\Eduardo\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-25 18:57 - 2019-01-25 18:57 - 000000000 ____D C:\Users\Eduardo\AppData\Local\Deployment
2019-01-25 18:57 - 2019-01-25 18:57 - 000000000 ____D C:\Users\Eduardo\AppData\Local\Apps\2.0
2019-01-25 18:55 - 2019-01-25 18:55 - 000001393 _____ C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-01-25 18:55 - 2019-01-25 18:55 - 000000000 ____D C:\Users\Eduardo\AppData\Roaming\Adobe
2019-01-25 18:55 - 2019-01-25 18:55 - 000000000 ____D C:\Users\Eduardo\AppData\Local\VirtualStore
2019-01-25 18:54 - 2019-01-25 18:55 - 000000000 ____D C:\Users\Eduardo
2019-01-25 18:54 - 2019-01-25 18:54 - 000000020 ___SH C:\Users\Eduardo\ntuser.ini
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Šablony
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Soubory cookie
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Poslední
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Okolní tiskárny
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Okolní síť
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Nabídka Start
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Dokumenty
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Documents\Obrázky
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Documents\Hudba
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Documents\Filmy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Eduardo\AppData\Local\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Šablony
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Poslední
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Šablony
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Plocha
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-01-25 18:54 - 2019-01-25 18:54 - 000000000 ____D C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-01-25 18:54 - 2011-04-12 10:24 - 000000000 ____D C:\Users\Eduardo\AppData\Roaming\Media Center Programs
2019-01-16 09:16 - 2019-01-16 09:16 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-16 09:16 - 2018-03-15 13:30 - 000041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2019-01-16 09:14 - 2019-01-16 09:14 - 000000000 ____D C:\Intel
2019-01-16 09:14 - 2015-12-18 11:22 - 000056832 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2019-01-16 09:14 - 2015-12-18 11:22 - 000056320 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2019-01-16 09:12 - 2019-01-16 09:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_kiox_ff_driver_01011.Wdf
2019-01-16 09:12 - 2015-05-07 13:31 - 000404752 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2019-01-16 09:12 - 2015-01-07 06:49 - 000096768 _____ C:\Windows\system32\kxffinstall.dll
2019-01-16 09:12 - 2015-01-07 06:49 - 000032736 _____ (Kionix, Inc.) C:\Windows\system32\Drivers\kiox_ff_driver.sys
2019-01-16 09:12 - 2015-01-06 20:11 - 000031176 _____ (Kionix, Inc.) C:\Windows\system32\Drivers\kxdiskprot.sys
2019-01-16 09:12 - 2015-01-06 18:11 - 000351274 _____ C:\Windows\system32\kxdiskprot.cab
2019-01-16 09:12 - 2014-05-02 10:02 - 000495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2019-01-16 09:12 - 2013-07-25 01:08 - 000073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2019-01-16 09:12 - 2013-07-11 01:27 - 000089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2019-01-16 09:12 - 2012-01-06 12:02 - 000003114 _____ C:\Windows\system32\e1c62x64.din
2019-01-16 09:12 - 2009-05-26 08:05 - 000036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2019-01-16 09:10 - 2019-01-16 09:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-01-16 09:04 - 2019-01-16 09:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2019-01-16 09:04 - 2019-01-16 09:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2019-01-16 09:04 - 2019-01-16 09:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2019-01-16 09:04 - 2019-01-16 09:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01009.Wdf
2019-01-16 09:04 - 2019-01-16 09:04 - 000000000 ____D C:\Program Files\IDT
2019-01-16 09:04 - 2016-03-31 13:50 - 006101504 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2019-01-16 09:04 - 2016-03-31 13:50 - 001897984 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2019-01-16 09:03 - 2019-01-16 09:12 - 000000000 ____D C:\Program Files\DIFX
2019-01-16 09:03 - 2019-01-16 09:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ST_Accel_01011.Wdf
2019-01-16 09:03 - 2019-01-16 09:03 - 000000000 ____D C:\Windows\CSC
2019-01-16 09:03 - 2015-01-09 10:25 - 000023216 _____ (ST Microelectronics) C:\Windows\system32\Drivers\stdcfltn.sys
2019-01-16 09:02 - 2019-01-16 09:02 - 000000000 ____D C:\Program Files\STMicroelectronics
2019-01-16 09:01 - 2019-01-16 09:01 - 000000000 ____D C:\Program Files\DellTPad
2019-01-16 08:59 - 2019-01-16 08:59 - 000000000 ____D C:\Program Files\Synaptics

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-25 18:59 - 2011-04-12 10:17 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-01-25 18:59 - 2011-04-12 10:17 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-01-25 18:59 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-25 18:59 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-25 18:56 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-01-25 18:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-25 18:54 - 2009-07-14 05:45 - 000267368 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-25 18:54 - 2009-07-14 05:45 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-25 18:54 - 2009-07-14 05:45 - 000017056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-25 18:54 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT
2019-01-25 18:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-16 09:56 - 2017-02-28 16:54 - 000000000 ____D C:\Windows\Panther
2019-01-16 09:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-01-16 09:02 - 2009-07-14 06:32 - 000032768 _____ C:\Windows\system32\config\BCD-Template

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-28 16:55

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Eduardo (25-01-2019 19:06:13)
Running from C:\Users\Eduardo\Desktop
Windows 7 Professional Service Pack 1 (X64) (2019-01-25 17:54:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2940377764-4151615574-810748494-500 - Administrator - Disabled)
Eduardo (S-1-5-21-2940377764-4151615574-810748494-1000 - Administrator - Enabled) => C:\Users\Eduardo
Guest (S-1-5-21-2940377764-4151615574-810748494-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Balíček ovladače systému Windows - Kionix, Inc. kxdiskprot DiskDrive (01/06/2015 1.1.3.0) (HKLM\...\4B5FFFEC64A09A0DFBB201BC7D9F267F9B77F1C1) (Version: 01/06/2015 1.1.3.0 - Kionix, Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.102 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-12-18] (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {965505E5-61D2-4BF0-BE0E-68153B1D9701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
Task: {EF715BF7-3D4A-4687-BB28-71A2B50A71A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============

2019-01-25 18:58 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-25 18:58 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2940377764-4151615574-810748494-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Eduardo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Corporation)
FirewallRules: [{93FF38FF-DEBF-4397-B1D5-B97FBE1A438E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/25/2019 06:56:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/25/2019 06:53:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 37%
Total physical RAM: 8097.17 MB
Available physical RAM: 5085.96 MB
Total Virtual: 16192.51 MB
Available Virtual: 12184.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.21 GB) (Free:428.61 GB) NTFS

\\?\Volume{257a2e91-1296-43d6-be38-507350773f8f}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before launching the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.

#3 Post by rjesa »

Thank you for the reply. Here is the log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2019
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****


#4 Post by Diallix »

Copy the content below into Notepad:

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-01-25 18:58 - 2019-01-25 18:58 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-25 18:58 - 2019-01-25 18:58 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {965505E5-61D2-4BF0-BE0E-68153B1D9701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
Task: {EF715BF7-3D4A-4687-BB28-71A2B50A71A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run; afterwards, paste here the contents of the log fixlog.txt, which is saved in the FRST location.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

rjesa
Visitor
Posts: 30
Registered: 15 Aug 2013 21:57

Re: New refurbished notebook - check

#5 Post by rjesa »

Done, log below. Just for info - was there anything suspicious or unnecessary?

Thank you. R.

Fix result of Farbar Recovery Scan Tool (x64) Version: 26.01.2019
Ran by Eduardo (26-01-2019 20:12:32) Run:1
Running from C:\Users\Eduardo\Desktop
Loaded Profiles: Eduardo (Available Profiles: Eduardo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-01-25 18:58 - 2019-01-25 18:58 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-25 18:58 - 2019-01-25 18:58 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {965505E5-61D2-4BF0-BE0E-68153B1D9701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
Task: {EF715BF7-3D4A-4687-BB28-71A2B50A71A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
*****************

HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{965505E5-61D2-4BF0-BE0E-68153B1D9701}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{965505E5-61D2-4BF0-BE0E-68153B1D9701}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EF715BF7-3D4A-4687-BB28-71A2B50A71A5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF715BF7-3D4A-4687-BB28-71A2B50A71A5}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully

==== End of Fixlog 20:12:32 ==
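
A small triage helper for a Fixlog like the one posted above, added here as an example and not part of the original thread or of FRST: it skips the echoed fixlist, collects each "target => status" result line, and treats a "not found" as expected only when the same path was already moved or removed earlier in the same run. The function names and the ExampleTask line are assumptions made for illustration.

```python
import re

# Constructed sample in the Fixlog format shown above; paths and GUID are taken
# from the thread, the ExampleTask line is invented to show an unexplained miss.
SAMPLE_FIXLOG = r'''
fixlist content:
*****************
Task: {965505E5-61D2-4BF0-BE0E-68153B1D9701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-25] (Google Inc.)
*****************
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\ExampleTask" => not found
==== End of Fixlog 20:12:32 ==
'''

RESULT_LINE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<status>.+?)\s*$')
SUCCESS = {"removed successfully", "moved successfully"}

def parse_fixlog(text):
    """Return (target, status) pairs for result lines, ignoring the fixlist echo."""
    results, in_fixlist = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"*"}:
            in_fixlist = not in_fixlist  # asterisk rows bracket the echoed fixlist
            continue
        m = None if in_fixlist else RESULT_LINE.match(line)
        if m:
            results.append((m.group("target"), m.group("status").lower()))
    return results

def review(results):
    """Label each result 'ok', 'expected' (already handled earlier) or 'check'."""
    handled, verdicts = set(), []
    for target, status in results:
        key = target.lower()
        if status in SUCCESS:
            handled.add(key)
            verdict = "ok"
        elif status == "not found" and key in handled:
            verdict = "expected"  # same path was moved/removed by an earlier line
        else:
            verdict = "check"     # unexplained miss or unknown status
        verdicts.append((target, status, verdict))
    return verdicts

if __name__ == "__main__":
    for target, status, verdict in review(parse_fixlog(SAMPLE_FIXLOG)):
        print(f"{verdict:9} {status:22} {target}")
```

Run against the Fixlog in post #5, both "not found" task files come out as expected, because each was moved by an earlier line of the same run.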

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: New refurbished notebook - check

#6 Post by Diallix »

The log looks good.

Those were unnecessary items :]]
How is the computer doing?

rjesa
Visitor
Posts: 30
Registered: 15 Aug 2013 21:57

Re: New refurbished notebook - check

#7 Post by rjesa »

Well, it runs fine. Some windows still bother me at system startup, asking whether I want to run the following:

C:\Program Files:\DellTPad\HidFind.exe
C:\Program Files:\DellTPad\Apntex.exe
C:\Program Files:\DellTPad\ApMsgFwd.exe
...ost Controller Driver\Application\iusb3mon.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files:\IDT\WDM\sttray64.exe
C:\Program Files:\DellTPad\Apoint.exe

But from what I see there, it's probably harmless, right?

One more thing surprised me: the seller said that a Windows Product Key would need to be entered at startup, but the system didn't ask me for anything...

R.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: New refurbished notebook - check

#8 Post by Diallix »

"Some windows still bother me at system startup"
What windows? Can you post a screenshot here?

Yes, those items are OK.

rjesa
Visitor
Posts: 30
Registered: 15 Aug 2013 21:57

Re: New refurbished notebook - check

#9 Post by rjesa »

Sorry for the delay, I was abroad and didn't have the PC with me. The print screen is attached.

R.
Attachments
printscreen-800x600.png (180.97 KiB) Viewed 1351 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: New refurbished notebook - check

#10 Post by Diallix »

This is UserAccess Control, it's OK.